The Real Blogger Status

As long as computers exist, and people are needed to provide technical advice, the one problem report that many of us fear is anguished, and brief. I got hacked! To many of us, this means that we have not been doing our job - because the first job of technical support is, unfortunately, security. Hillary Clinton got hacked, recently - and she was lucky. The hacker that attacked her was only poking around - and had no actual intent to cause harm. The owner of a successfully hacked Blogger blog may not be so fortunate. If you act promptly. and plan wisely, you can prevent long term inconvenience.

In 2009 , Blogger Help Forum: Get Help with an Issue had various reports about blogs mysteriously redirecting to " blogoholic.info ". Later that year, and into 2010 , we saw new reports mentioning " smashingfeeds.com ", then " sendptp.com ". When we investigated the redirections, we found people with blogs that used a picturesque animated decoration known as "falling snow" - and later, as Valentines Day 2010 approached, "falling hearts". The victimised blog owners, too frequently, admitted to having installed various gadgets provided by helpful non Blogger website owners. Diagnosing the problem, however, was frequently obscured by the claims. But I installed that gadget months ago! In some cases, diagnosed in December 2009 - February 2010, the misbehaving gadgets had been installed as far back as Summer of 2009.

Our Blogger accounts, and blogs, are under persistent attack by some rather nasty Internet users. Hackers, using other peoples computers, are constantly attempting to "guess" our Blogger passwords, and take control of our Blogger accounts and blogs. Blogger accounts are particularly vulnerable to attack , because too many blog owners Reveal their account names (email addresses) to the world. Base their passwords upon real life details. Publish blogs, where their real life details are visible to the world. Some blog owners think that by using only one computer forever, they should be able to register that one computer as theirs, and require Google to simply deny access to their Blogger / Google accounts, from any other computer. This is a very simple solution - and it's one which is doomed to failure.

We saw the symptoms of the first carefully engineered blog hijacks , in Blogger Help Forum: Something Is Broken , two years ago. During each succeeding holiday season, each attack has apparently become more and more deviously engineered. This season - each season starting in Fall of one year and lasting until Spring of the following year - we are seeing a hijack complement which appears to be devious in both marketing and installation technique, and which requires a complex search of the affected blogs. If you are receiving reports from your readers Your blog starts to load - but is quickly replaced by a page full of advertisements! you may need to exhaustively examine your blog for any third party code - and as always, the problem code may have been installed at any time in the past. When discovered, the hijacks are not consistently found in recently installed code.

We see the pain, in Blogger Help Forum: Something Is Broken , of blog owners who do not understand the need for keeping the name of their Blogger account a secret. I forgot the email address that I was using. Why can't Blogger just tell me the address?? and some ask How did this unknown person "xxxxx xxxxx" get control of my blog? Years ago, the local police would have to convince home owners Please, stop leaving a spare key under a rock, near the door! Both many blog owners (today) - like some home owners (years ago) - had the same basic problem - naivete.

In early 2010, Blogger issued a typically terse warning of a security problem, with blogs that use Mail-to-Blogger for publishing posts. To prevent abuse, a recent update to disabled easily guessable secret words. Please update your Mail2Blogger secret word. I've referred to the importance of the "secret word" some time ago - and apparently this year, a few blogs are being hit by the vulnerability.